12 matches found
CVE-2022-2983
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2022-2983
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2022-2983
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
Cross site scripting
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2022-2983 Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2022-2983 Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2022-2983
The CVE-2022-2983 affects the Salat Times WordPress plugin prior to version 3.2.2. Root cause: settings are not properly sanitized/escaped, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even with unfiltered_html disallowed. An exploit payload example is provided (XSS...
WordPress plugin Salat Times Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2022-19861 · WordPress · Salat Times
Name of the Vulnerable Software and Affected Versions: Salat Times WordPress plugin versions prior to 3.2.2 Description: The issue allows high-privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitize and escape its...
WordPress Salat Times plugin <= 3.2.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in the WordPress Salat Times plugin versions = 3.2.2. Solution Update the WordPress Salat Times plugin to the latest available version at least 3.2.2...
Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in any text field of Settings Salat Times: " Save, and the XSS will be...
Salat Times < 3.2.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC Put the following payload in any text field of Settings Salat Times: " Save, and the XSS will be...